Lucene search

MitreCVE-2011-0406

HistoryJan 11, 2011 - 3:00 a.m.

CVE-2011-0406

2011-01-1103:00:06

CWE-119

mitre

web.nvd.nist.gov

cve-2011-0406

historysvr.exe

wellintech kingview

buffer overflow

remote code execution

tcp port 777

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

Low

EPSS

0.544

Percentile

97.6%

JSON

Heap-based buffer overflow in HistorySvr.exe in WellinTech KingView 6.53 allows remote attackers to execute arbitrary code via a long request to TCP port 777.

Affected configurations

Nvd

Node

wellintechkingviewMatch6.53

VendorProductVersionCPE
wellintechkingview6.53cpe:2.3:a:wellintech:kingview:6.53:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
wellintech	kingview	6.53	cpe:2.3:a:wellintech:kingview:6.53:::::::*

References

osvdb.org/70366

secunia.com/advisories/42851

securityreason.com/securityalert/8134

thesauceofutterpwnage.blogspot.com/2011/01/waking-up-sleeping-dragon.html

www.cnnvd.org.cn/showCnnvd.html?id=2011010108

www.exploit-db.com/exploits/15957

www.kb.cert.org/vuls/id/180119

www.kingview.com/news/detail.aspx?contentid=528

www.securityfocus.com/bid/45727

www.vupen.com/english/advisories/2011/0063

exchange.xforce.ibmcloud.com/vulnerabilities/64559

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

8.3

Confidence

Low

EPSS

0.544

Percentile

97.6%

JSON

Related for CVE-2011-0406